Enterprise Recon 2.6.0

ER 2.6.0 Release Notes

The Release Notes provide information about new features, platforms, data types, enhancements, bug fixes and all the changes that have gone into Enterprise Recon 2.6.0.

For a quick view of the changes since the last Enterprise Recon release, see Summary of Changes.

Contents:

  1. Highlights
  2. Important Notes
  3. Changelog
  4. Features That Require Agent Upgrades

New and Improved Features

Integration Enhancements for Microsoft 365

The OneDrive Business module in Enterprise Recon 2.6.0 has been updated to use application permissions for authentication and authorization, similar to the Exchange Online Target. This change aligns with Ground Labs' security principle of least privilege access by removing the need for credentials with administrator permissions when setting up and scanning OneDrive Business Targets. Using application permissions removes the requirement to generate a unique access code for each new OneDrive Business path or folder to scan, simplifying your integration with the Enterprise Recon API.

Enterprise Recon 2.6.0 also features an updated SharePoint Online module that moves away from basic authentication (NTLM) to the app authentication (OAuth 2.0) method for enhanced authorization security.

To continue scanning OneDrive Business and SharePoint Online Targets without interruption, please:

  1. Upgrade your Master Server, and
  2. Update all OneDrive Business and SharePoint Online credential sets added in earlier versions of ER2.

See OneDrive Busines - Configure Microsoft 365 Account and SharePoint Online - Configure SharePoint Add-in for more information.

New Platform Integrations

Scan Resources in Google Cloud Storage

NEW Cloud storage services are a critical part of businesses today as organizations want to seamlessly access information and data anytime, anywhere. Understanding this, Enterprise Recon 2.6.0 introduces support for Google Cloud Storage, a highly scalable and flexible cloud data storage provider.

The Google Cloud Storage module enables you to search for sensitive data in your Google Cloud projects, and gives you the flexibility to select specific Cloud Storage buckets or objects to scan.

An Agent Upgrade is required to take advantage of this capability in ER2.

See Google Cloud Storage for more information.

Official Support for Cloudera Distribution for Hadoop

NEW Cloudera Distribution for Hadoop (CDH), a popular platform for distributed storage and distributed processing of Big Data, is officially supported in Enterprise Recon 2.6.0.

See Network Storage Locations - Hadoop Clusters for more information.

New and Improved Data Types

The Australian Passport Number data type has been enhanced for improved accuracy and coverage of the newer passport series, with additional updates made to enable the Australian Passport Number to be detected on the passport MRZ line.

Discover Global Network cardholder data types including China Union Pay, Diners Club, Discover, and JCB have been updated to identify 14-19 digit primary account numbers (PANs) for all supported BIN ranges.

Important Notes

CRITICAL: One Way Upgrade to Enterprise Recon 2.6.0

Certain data sets, storage formats and components for the Master Server have been updated in Enterprise Recon 2.6.0. Therefore once the Master Server is updated from ER 2.5.0 (and below) to ER 2.6.0, the datastore is not backward compatible and downgrading ER 2.6.0 to an earlier version is not supported.
Please contact the Ground Labs Support Team for assistance with upgrading the Master Server.

CRITICAL: End of Support for KCT Datastore Format

From Enterprise Recon 2.0.28, new installations of Enterprise Recon utilize CentOS 7 and RDB datastore format, which features improved reliability, better performance, and reduced internal fragmentation.

If your existing Master Server installation is based on CentOS 6 or utilizes the KCT datastore format, please upgrade to CentOS 7 and migrate your datastore to RDB format before upgrading to Enterprise Recon 2.6.0 to continue using Enterprise Recon without interruption.

The Ground Labs Support Team is available to assist customers who wish to upgrade and migrate existing installations of Enterprise Recon.

Upcoming End-of-Support Platforms and Features

The following platforms and/or features will reach end of support and be removed in a subsequent release of Enterprise Recon:

  • Linux 2.4 Node Agents
    To continue scanning Linux server Targets, install the Linux 2.6 Node Agent instead.
  • Email Targets
    • Microsoft Exchange (EWS)
      To continue scanning the Microsoft Exchange Server, use the Exchange Domain protocol instead.

Changelog

The Changelog is a complete list of all the changes in Enterprise Recon 2.6.0.

What’s New?

  • New Platform Integrations
    • NEW Google Cloud Storage
    • NEW Cloudera Distributed Hadoop (CDH)
  • Added:

    • SCRAM-SHA-256 password-based authentication method is now supported for PostgreSQL database Targets.
    • Support for Linux 4 Agents (with and without database runtime components) is now available and compatible with hosts running Linux 4 RPM-based distributions, including CentOS 8, RHEL 8, Fedora 29, and more.

Enhancements

  • Improved Features:
    • The SharePoint Online module in ER 2.6.0 has been updated to use the app authentication (OAuth 2.0) method for authorization; basic authentication (NTLM) will no longer be supported. To continue scanning SharePoint Online Targets without interruption, (i) upgrade the Master Server, and (ii) update all SharePoint Online credential sets added in earlier versions of ER2. See SharePoint Online - Configure SharePoint Add-in for more information.
    • The Exchange Domain module has been updated with improved connectivity between the Master Server and Exchange Domain servers.
    • The OneDrive Business module in ER 2.6.0 has been updated to use application permissions for authentication and authorization; delegated permissions will no longer be supported. To continue scanning OneDrive Business Targets without interruption, (i) upgrade the Master Server, and (ii) update all OneDrive Business credential sets added in earlier versions of ER2. See OneDrive Busines - Configure Microsoft 365 Account for more information.
    • Minor UI enhancements.

Bug Fixes

  • Scanning SharePoint Online Targets would result in "406 Not Acceptable" errors across many locations.
  • Scanning folders that contained special characters in the folder name would result in the "No credentials configured for location" error for OneDrive Business Targets.
  • The Master Server index service would generate a failure and the Investigate page would become unresponsive when performing certain remediation actions on large match objects.

  • Invalid paths for MongoDB Targets could be added and probed via the Enterprise Recon web UI and API.
  • Users were required to provide the Client Secret Key again when editing credential sets for Exchange Online Targets.
  • The "Location" column would display incorrect descriptions in Match Reports exported from the Investigate page for certain protocols.
  • The Enterprise Recon web UI operations would become blocked for Master Server deployments with a large number of Targets and a correspondingly high number of data points for the Risk History Dashboard. This fix improves the communication efficiency between the UI and datastore when reading the Risk History data to prevent the web UI from becoming unresponsive, and also improves the time taken to start up the Master Server for environments with a large number of Risk History entries.
  • Enterprise Recon 2.6.0 has been updated to prevent a new Risk History Dashboard update process from running if a previous process was still in progress.
  • Some Agent host machines were not added as Targets even though the "Create a target defaulting to group <Target Group Name>" option was selected when using the "Verify All" feature.
  • Deleting a Target did not automatically delete the isolated reports for the Target from the datastore.
  • The "Status" for scan schedules that pause automatically during the Automatic Scan Pause Window would be incorrectly displayed as "Manually Paused" instead of "Automatically Paused" in the Scan History page.
  • The Master Server index service would generate a failure and restart if match location paths contained invalid UTF-8 encoded characters.
  • Scanning Exchange server Targets with a custom configuration of cipher suites would result in the "SSL_ERROR_SYSCALL Error observer by underlying SSL/TLS BIO: No error" error.
  • Attempting to re-apply the same remediation action on a Target location would cause the report service to generate a failure and restart if the remediation action had completed successfully the first time.

Features That Require Agent Upgrades

Agents do not need to be upgraded along with the Master Server, unless you require the following features in Enterprise Recon 2.6.0:

  • NEW Users can now scan Google Cloud Storage buckets and objects. Requires Windows, Linux or macOS Agents, with or without database runtime components.
  • Invalid paths for MongoDB Targets could be added and probed via the Enterprise Recon web UI and API.

For a table of all features that require an Agent upgrade, see Agent Upgrade.


PRO This feature is only available in Enterprise Recon PRO Edition. To find out more about upgrading your ER2 license, please contact Ground Labs Licensing. See Subscription License for more information.


Ensuring we are delivering the best technology for our customers is a core value at Ground Labs. If you are interested in future early builds of Enterprise Recon with forthcoming features, please email your interest to product@groundlabs.com.